System and method for authenticating transactions from a mobile device

ABSTRACT

Systems and methods for authenticating transactions from a mobile device are described, including authenticating a user and a merchant location. A remote server receives an authentication request from a point-of-sale device, and requests that a user&#39;s mobile device use an associated camera to take a picture of the user at the merchant location. The remote server then processes the picture to determine the authenticity of the user and the location, and provides an authentication approval or denial to the point-of-sale device, instructing the point-of-sale device to execute, or not to execute, the transaction.

FIELD OF THE INVENTION

The present invention relates to the authentication of transactionsusing a mobile device.

BACKGROUND

As mobile devices have become common among consumers, the correspondingpopularity of executing transactions using those mobile devices hasprovided an increased opportunity for fraud, and an increased need toproperly authenticate the participants to the transaction. Where thoseparticipants are identified by, or represented by, e.g., mobile devicesor point-of-sale (“POS”) devices, the need for authentication furtherextends to those devices. Systems for executing transactions using amobile device to identify the user or consumer run the risk of executingthe transaction for a false user, using a false device, or at a falsemerchant location.

If a false user is conducting the transaction using the mobile device,that false user may have obtained the mobile device through theft orfraud, and may have bypassed the user identification strategies of themobile device. For example, the false user may have illegitimatelyidentified the user's personal passwords, or forged a fingerprintcapable of circumventing a fingerprint identification functionality ofthe mobile device. The variety of mobile devices available to consumersmeans that such mobile devices have varying levels of securityfunctionality, leaving many users with limited ways to authenticate atransaction.

Further, authenticating the user alone does not achieve a sufficientlevel of security to protect the transaction. A false mobile device maybe used for the transaction, for example, as a “spoofed” devicemimicking the device of another consumer. A false merchant may be usinga faked POS device to imitate a true merchant.

There is a need for systems and methods for authenticating transactionparticipants, using technology common to mobile devices.

SUMMARY

To address these problems, the following systems and methodsauthenticate components of a transaction: one party, the user; and thecounterparty or merchant associated with a location such as a store orpoint of sale. Authenticating the location of the transaction, whilealso authenticating the user, provides necessary additional security fortransactions that may otherwise be fraudulently executed. The user'smobile device may further be authenticated. The systems and methods ofthe present invention provide a greater level of security totransactions using mobile devices. Further, by utilizing a remoteserver, the additional security features are not limited to anyparticular mobile device; if the mobile device has access to a cameraand to the remote server, it can use these security features.

In an exemplary embodiment, authenticating components of a transactionmay include receiving, by an authentication server, via a network, anauthentication request from a device associated with a location, theauthentication request including information identifying a userparticipating in the transaction; transmitting, by the authenticationserver, via the network, a picture request to a mobile device associatedwith the user; receiving, by the authentication server, via the network,a picture taken by the mobile device in response to the picture request,wherein the picture includes an image of at least a portion of the userand at least a portion of the location; analyzing, by the authenticationserver, the image to determine the probability that the image includesthe user, including comparing the image to images of the user stored inan identification database; analyzing, by the authentication server, theimage to determine the probability that the image includes the location,including comparing the image to images of the location stored in theidentification database; and, if the probability that the image includesthe user is above a user probability threshold, and the probability thatthe image includes the location is above a location probabilitythreshold, transmitting, by the authentication server, via the network,an authentication approval response to the device associated with thelocation.

The authentication may include comparing, by the authentication server,characteristics of the picture with information stored in theidentification database, the information being associated with themobile device, to determine the probability that the picture was takenby the mobile device associated with the user. The characteristics ofthe picture compared with information stored in the identificationdatabase may include at least one of the following: (a) pixel count; (b)resolution.

The picture may be taken by the mobile device in response to the picturerequest without additional commands from the user.

Analyzing the image to determine the probability that the image includesthe user may include comparing the angle at which the picture was taken,with the angle of images of the user stored in an identificationdatabase.

The authentication may include automatically transmitting, from themobile device, via the network, the images of the user to be stored inthe identification database.

The authentication may include storing, in the identification database,images from previous picture requests associated with the user. Theauthentication may further include using the images from previouspicture requests associated with the user to train the authenticationserver to determine the probability that an image includes the user.

The authentication may include storing, in the identification database,images from previous picture requests associated with the location. Theauthentication may further include using the images from previouspicture requests associated with the location to train theauthentication server to determine the probability that an imageincludes the location.

The step of analyzing the image to determine the probability that theimage includes the user may be performed, and then the user's image maybe removed from the image, and the step of analyzing the image todetermine the probability that the image includes the location may thenperformed.

In an exemplary embodiment, a system for authenticating components of atransaction includes an identification database containing useridentification information including reference images of a user,information identifying a mobile device associated with the user, andlocation identification information including reference images of alocation; and an authentication server, in communication with theidentification database, including an authentication processorprogrammed to receive an authentication request from a device associatedwith the location, the authentication request including informationidentifying the user participating in the transaction; transmit apicture request to the mobile device; receive a picture taken by themobile device in response to the picture request, wherein the pictureincludes an image of the at least a portion of the user and at least aportion of the location; analyze the image to determine the probabilitythat the image includes the user, including comparing the image toimages of the user stored in the identification database; analyze theimage to determine the probability that the image includes the location,including comparing the image to images of the location stored in theidentification database; and if the probability that the image includesthe user is above a user probability threshold, and the probability thatthe image includes the location is above a location probabilitythreshold, transmitting an authentication approval response to thedevice associated with the location.

The authentication server may be programmed to compare characteristicsof the picture with information stored in the identification database,the information being associated with the mobile device, to determinethe probability that the picture was taken by the mobile deviceassociated with the user.

The authentication server may be programmed to compare the angle atwhich the picture was taken, with the angle of images of the user storedin an identification database.

The authentication server may be programmed to store, in theidentification database, images from a previous picture requestassociated with the user; and use the stored images in later analysis todetermine the probability that a later-taken image includes the user.

The authentication server may be programmed to store, in theidentification database, images from a previous picture requestassociated with the location; and use the stored images in lateranalysis to determine the probability that a later-taken image includesthe location.

The authentication server may be programmed to receive the results of afingerprint identification taking place at the mobile device.

The authentication system may include the device associated with thelocation, and the device associated with the location may be programmedto execute the transaction only if the authentication server provides anauthentication approval response.

The authentication server may be programmed to transmit an alert to theuser if the probability that the image incudes the user is below theuser probability threshold; and transmit an alert to the location if theprobability that the image incudes the location is below the userprobability threshold.

In an exemplary embodiment, authenticating components of a transactionmay include receiving, by a mobile device associated with a user, via anetwork, a picture request from an authentication server; initiating acamera associated with the mobile device to take a picture, wherein thepicture includes an image of at least a portion of the user and at leasta portion of a real-time location of the user; and transmitting, by themobile device, via the network, the picture to the authenticationserver.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is an illustration of an authentication system, in accordancewith an example embodiment of the present invention.

FIG. 2 is a flowchart illustrating a method for determining theprobability of an authentic user and merchant location, in accordancewith an example embodiment of the present invention.

FIG. 3 is a flowchart illustrating a method for determining theauthenticity of a user and merchant location, in accordance with anexample embodiment of the present invention.

FIG. 4 is a flowchart illustrating a further method for determining theauthenticity of a user mobile device, in accordance with an exampleembodiment of the present invention.

FIG. 5 is a flowchart illustrating a method for obtaining input fordetermining the authenticity of a user, a user mobile device, or amerchant location, in accordance with an example embodiment of thepresent invention.

FIG. 6 is an illustration of an exemplary picture to be used in theauthentication system, in accordance with an example embodiment of thepresent invention.

FIG. 7 is a flowchart illustrating a method for requesting adetermination of the authenticity of a user, a user mobile device, or amerchant location, and responding thereto, in accordance with an exampleembodiment of the present invention.

DETAILED DESCRIPTION

The following description of embodiments provides non-limitingrepresentative examples referencing numerals to particularly describefeatures and teachings of different aspects of the invention. Theembodiments described should be recognized as capable of implementationseparately, or in combination, with other embodiments from thedescription of the embodiments. A person of ordinary skill in the artreviewing the description of embodiments should be able to learn andunderstand the different described aspects of the invention. Thedescription of embodiments should facilitate understanding of theinvention to such an extent that other implementations, not specificallycovered but within the knowledge of a person of skill in the art havingread the description of embodiments, would be understood to beconsistent with an application of the invention.

In a transaction between a user and a merchant, the user may berepresented electronically by a mobile device, and the merchant may berepresented electronically by a point-of-sale (“POS”) device. Thefollowing systems and methods operate to authenticate the user, themerchant, or their respective devices.

The overall system is illustrated broadly in FIG. 1. The user 10,carrying mobile device 11, seeks to execute a transaction with amerchant (not pictured) at the merchant's location 20, such as a store,office, booth, or any other physical place of business where repeatedtransactions are executed.

Mobile device 11 may be any known mobile device, such as a smartphone,personal digital assistant, tablet computer, wearable device (such as asmartwatch), digital camera, or other computing device capable ofcommunicating with a remote server 30 or capable of local communicationwith a local device for communicating with a remote server 30. Themobile device 11 includes a camera, and the ability to connect to aremote server on a network, such as via the Internet. At least someportion of the systems and methods described as being carried out by themobile device may be divided among mobile devices carried by the user.For example, if the user is carrying one device communicating with aremote server (such as a smartphone), and a separate device for takingpictures (such as a wearable computing device), the two mobile devicesof the user may coordinate to carry out the invention.

The merchant's location 20 includes POS device 21. POS device 21 may bea computing device, capable of connecting to a remote server on anetwork, such as via the Internet.

To authenticate the requested transaction, the user's mobile device 11and the merchant's POS device 21 communicate with a remoteauthentication server 30. Server 30 includes an identification databasefor storing information associated with a user or merchant. For example,the identification database may store account information, contactinformation (e.g., telephone numbers, email addresses, IP addressesassociated with mobile devices or POS devices), pictures and otherinformation used to authenticate a user, a user's mobile device, or amerchant location in which the user and merchant are attempting toexecute a transaction. Server 30 further includes processingcapabilities for writing into the identification database, reading fromthe identification database, and comparing information received from themobile device 11 and POS device 21 to the information stored in theidentification database. The information stored in the identificationdatabase may also be stored across multiple databases, as long as theserver 30 is able to access the information as needed.

In an exemplary embodiment, as illustrated in FIGS. 2 and 3, when theuser and/or the merchant initiates a transaction, at step 101 the POSdevice 21 transmits an authentication request to the authenticationserver 30. The request may include information purporting to identifythe participants in the transaction, such as the user, the user's mobiledevice, the merchant, or the POS. The identification information maytake the form of readily identifiable information, e.g., names oraddresses, or may take the form of coded or indexed referenceinformation, e.g., usernames or customer numbers. The request mayfurther include information describing the transaction, such as thenature of a product or service provided by the merchant or the value ofgoods being exchanged.

Upon receiving the request from the POS device 21, the server 30extracts the user identification information to associate the requestwith a user. The server 30 then identifies contact information for theuser's mobile device 11, such as a telephone number, email address, orIP address. At step 102, the server initiates a communication to themobile device 11, the communication including a request for a picture.

Upon receiving the request from the server 30, the mobile device 11 mayinitiate the exemplary embodiment illustrated in FIG. 5. At step 201,the mobile device 11 receives the request from the server, and parsesthe request to determine that the server 30 is requesting a picture. Themobile device 11 then initiates a connected camera to take a picture.The camera may be built into the mobile device 11, or may be connected(either by wire, or wirelessly) to the mobile device.

In an exemplary embodiment, the request from the server 30 initiates amessage to be displayed on the mobile device 11, informing the user thata picture is necessary to carry out the transaction. The user may thenoperate the mobile device 11 to take a picture including at least somepart of the user, and at least some part of the location. Once thepicture is taken, the mobile device 11 may be used to transmit thepicture back to the server 30. The picture may include additionalinformation identifying the user 10, the mobile device 11, and thetransaction for which these authentication procedures are supporting.

The request from the server 30 may also include an alternative for theuser 10 to provide some indication that the transaction should not beexecuted. For example, if the user did not initiate the transaction,then the request for the picture will serve as an alert the user thatthe transaction has been initiated, and the user may be provided with anicon or button for declining the transaction. This may take the form ofa command to the server 30 to deny authentication of the transaction.

In an alternative exemplary embodiment, the request from the server 30may ask for the picture to be taken without displaying an alert on themobile device 11, or without input from the user. In this manner, if themobile device 11 has been stolen and is being used illegitimately tocarry out the transaction, the illegitimate user will not be made awareof the security measures being enacted, limiting the ability of theillegitimate user to thwart these measures.

Returning to the exemplary embodiment illustrated in FIGS. 2 and 3, theserver 30 receives the picture from the mobile device at step 103. Theserver 30 then carries out recognition processes, at steps 104-106 tocompare the picture to information stored in the identification databaseand determine the probability that the user, or the merchant location,is authentic.

To identify the user 10, the server 30 may use facial recognitionprogramming to compare the image of the user 10 captured in the instantpicture, to pictures of the user stored on the identification database.The identification database may store a collection of pictures of theuser 10, to be used in identifying the user 10 in the authenticationprocess. For example, the user 10 may be required to take, or upload,one or more pictures of the user 10, possibly from various angles, at atime prior to the transaction, such as when the user's identity can beconfirmed in other ways. The server 30 may also request that the mobiledevice 11 transmit any pictures of the user 10 that are stored locallyon the mobile device 11, or stored on another server that the mobiledevice 11 may access. Further, the server 30 may store in theidentification database any pictures of the user 10 that are used forauthenticating a transaction, to assist in future authenticationprocesses.

The server processes the picture to compare the image of the user to theimages of the user previously stored in the identification database. Forexample, the server may use machine learning (e.g., a convolutionalneural network) to process the previously-stored pictures of the userand compare them to the picture of the user taken during the instantauthentication process. The server 30 may compare certain featuresdepicted in the instant image (e.g., hair color, skin tone, size ratioof facial features) to the previously-stored pictures. Recognizing thateach user may have a unique, and repeated, way to hold their mobiledevices, the server 30 may compare the angle of the picture to the angleof other pictures taken during previous authentication processes.

As a result of this comparison, at step 105, the server determines anauthentic user probability, i.e., the probability that the pictured useris authentic. The authentic user probability may be determined based onany metric known to image recognition processing or convolutional neuralnetwork models. The authentic user probability may be impacted byseveral factors. For example, the number of stored pictures of the userin the identification database may impact the authentic userprobability. The greater the number of pictures of the user stored inthe identification database, the more readily the server will be able toidentify the user, so that an identification of the user may beconsidered more probable if it is based on a large number of pictures.At step 106, the server compares the user probability to a userprobability threshold. If the determined user probability is below theuser probability threshold, then, at step 107, the server transmits anauthentication denial to the POS device 21, instructing the POS device21 not to execute the transaction. The server 30 may also send anotification to the user or merchant that a fraudulent transaction hasbeen attempted. If the determined user probability is equal to orgreater than the user probability threshold, then the server 30 checkswhether the determined location probability is equal to or greater thanthe location probability threshold. If both the determined userprobability and the determined location probability are equal to orgreater than their respective thresholds, then, at step 111, the server30 transmits an authentication approval to the POS device 21,instructing the POS device 21 to execute the transaction. The server 30may also send a notification to the user or merchant that thetransaction has been authenticated. The threshold may be defined oradjusted as desired. For example, a high threshold will result in ahigher level of security, but will increase the risk that a validtransaction being denied and will use more processing resources, while alow threshold will lessen the level of security, but will reduce theinconvenience of a denied valid transaction and will allow for fasterprocessing.

To identify the location 20, the server 30 may use visual imageryrecognition programming to compare the image of the location 20 capturedin the instant picture, to pictures of the location stored on theidentification database. The identification database may store acollection of pictures of the location 20, to be used in identifying thelocation 20 in the authentication process. For example, the merchant maybe required to take, or upload, one or more pictures of the location 20,possibly from angles that are expected to by commonly used by users inthe authentication processes, at a time prior to the transaction, suchas when the location's authenticity can be confirmed in other ways. Theserver 30 may store in the identification database any pictures of thelocation 20 that are used for authenticating a transaction (whether bythe instant user or by other users), to assist in future authenticationprocesses.

In particular, the stored pictures of the location may be focused onparticular POS devices 21 within a merchant location 20. For example, ifa merchant location has five POS devices, the pictures taken by a user'smobile device 11 may include different parts of the location, dependingon which POS device 21 is executing the transaction. Therefore, each POSdevice 21 may have its own associated pictures.

The server processes the picture to compare the image of the location tothe images of the location previously stored in the identificationdatabase, associated with the relevant POS device 21. For example, theserver may use machine learning (e.g., a convolutional neural network)to process the previously-stored pictures of the location and comparethem to the picture of the location taken during the instantauthentication process. The server 30 may compare certain featuresdepicted in the instant image (e.g., color or materials of the walls,ceiling, or floor, identifying damage, the size ratio of visiblestructures) to the previously-stored pictures. The server 30 may comparethe angle of the picture to the angle of other pictures taken duringprevious authentication processes, that were associated with thatparticular POS device 21.

As a result of this comparison, at step 108, the server determines anauthentic location probability, i.e., the probability that the picturedlocation is authentic. The authentic location probability may bedetermined based on any metric known to image recognition processing orconvolutional neural network models. The authentic location probabilitymay be impacted by several factors. For example, the number of storedpictures of the location in the identification database may impact theauthentic location probability. The greater the number of pictures ofthe location stored in the identification database, the more readily theserver will be able to identify the location, so that an identificationof the location may be considered more probable if it is based on alarge number of pictures. At step 109, the server compares the locationprobability to a location probability threshold. If the determinedlocation probability is below the location probability threshold, then,at step 110, the server transmits an authentication denial to the POSdevice 21, instructing the POS device 21 not to execute the transaction.The server 30 may also send a notification to the user or merchant thata fraudulent transaction has been attempted. If the determined locationprobability is equal to or greater than the location probabilitythreshold, then the server 30 checks whether the determined userprobability is equal to or greater than the location probabilitythreshold. If both the determined user probability and the determinedlocation probability are equal to or greater than their respectivethresholds, then, at step 111, the server 30 transmits an authenticationapproval to the POS device 21, instructing the POS device 21 to executethe transaction. The server 30 may also send a notification to the useror merchant that the transaction has been authenticated. The thresholdmay be defined or adjusted as desired. For example, a high thresholdwill result in a higher level of security, but will increase the riskthat a valid transaction being denied and will use more processingresources, while a low threshold will lessen the level of security, butwill reduce the inconvenience of a denied valid transaction and willallow for faster processing.

Identifying a location may present a more difficult processing task thanidentifying a user. For example, as various users may appear indifferent positions in a picture, different portions of the locationwill appear in different pictures, and different portions will beobscured by the image of the user. It may be advantageous to set a lowerlocation probability threshold, for example, in comparison to the userprobability threshold. It may further be advantageous to set a limit onthe minimum number of stored pictures that must be determined to matchthe location before the location can be considered properly identified.

In an exemplary embodiment, steps 105 and 106 for authenticating theuser may be carried out first, before steps 108 and 109 forauthenticating the location. The server 30 may process the picture torecognize and authenticate the image of the user 10. Once the user 10has been authenticated, the server may again process the picture byremoving the image of the user, and then exclusively processing theimage of the location.

The server may be able to identify the user or location based on onestored picture, but the ability of the server to properly identify theuser or location may increase with the number of stored pictures. Theserver may also undergo regular training to improve its recognition. Forexample, the server may be implementing a particular machine learningmodel in its recognition processes, and that model may be updated asadditional pictures or other information yield improvements. In aparticular example, the server may be trained regularly, e.g., once perday, at a time when the server typically experiences low servicerequirements, e.g., early morning. The model may also be developed andupdated on a separate server, and loaded to the server 30.

In certain embodiments, for example, in the use of a convolutionalneural network, the embeddings of the pictures may be stored in theidentification server, instead of the entire picture. The embeddings area small vector of numbers that represents the picture. This will help toreduce storage space and calculation time.

An exemplary embodiment of the picture 12 is illustrated in FIG. 6. Theuser 10 is depicted in the foreground of picture 12, with at least aportion of the location 20 captured in the background. The illustrationof FIG. 6 is exemplary; the picture 12 should include at least some partof the user sufficient to identify that user, and at least some part ofthe background location sufficient to identify the location. In theexemplary illustration of FIG. 6, the image of the user 10 may becompared to the images in the pictures of the user stored in theidentification database, and the image of the background location 20 maybe compared to the images in the pictures of the background location 20stored in the identification database, or, more specifically, with thosepictures associated with the POS device 21 that being used in thetransaction.

In addition to authenticating the user 10, and the location 20, thepicture taken by the mobile device 11 may be used to authenticate themobile device 11, for an additional layer of security. In the exemplaryembodiment illustrated in FIG. 4, the server 30 receives the pictureform the mobile device 11, just as in FIGS. 2 and 3. The picture mayhave certain characteristics useful in identifying the mobile device 11.For example, the picture may have a certain size, ratio, pixel quality,or pixel count. At step 112, these characteristics may be determined bythe server in analyzing the picture, or may be included in metadatatransmitted with the picture. The server 30 may have characteristics ofthe mobile device 11 stored in the identification database, allowing theserver 30, at step 113, to match the characteristics of the picture todetermine whether the mobile device 11 that took the picture is themobile device associated with the user 10. If the information matches,the server 30 may transmit an authentication approval to the POS device21, instructing the POS device 21 not to execute the transaction. If theinformation does not match, the server 30 may transmit an authenticationdenial to POS device 21, instructing the POS device 21 to execute thetransaction. In either case, the server 30 may also send a notificationto the user or merchant including the results of the comparison.

In an exemplary embodiment, the process of the POS device 21 isillustrated in FIG. 7. After transmitting an authentication request tothe server 30 in step 301, the POS device 21 waits for the response fromthe server 30, which may include an authentication approval or anauthentication denial. At step 302, the POS device 21 receives theresponse from the server 30, and determines, at step 303, whether theresponse is an approval or a denial. If the server 30 provided anauthentication denial, then at step 304 the POS device 21 does notexecute the transaction. If the server 30 provided an authenticationapproval, then at step 305 the POS device 21 executes the transaction.

The present disclosure is not to be limited in terms of the particularembodiments described in this application, which are intended asillustrations of various aspects. Many modifications and variations canbe made without departing from its spirit and scope, as may be apparent.Functionally equivalent methods and apparatuses within the scope of thedisclosure, in addition to those enumerated herein, may be apparent fromthe foregoing representative descriptions. Such modifications andvariations are intended to fall within the scope of the appendedrepresentative claims. The present disclosure is to be limited only bythe terms of the appended representative claims, along with the fullscope of equivalents to which such representative claims are entitled.It is also to be understood that the terminology used herein is for thepurpose of describing particular embodiments only, and is not intendedto be limiting.

1. A method for authenticating components of a transaction, comprising:receiving, by an authentication server, via a network, an authenticationrequest from a device associated with a location, the authenticationrequest including information identifying a user participating in thetransaction, wherein the authentication request is responsive to theinitiation of the transaction between a mobile device associated withthe user and the device associated with the location, wherein the mobiledevice is associated with a camera and is configured to communicate withthe authentication server and the device associated with the location;transmitting, by the authentication server, via the network, a picturerequest to the mobile device; receiving, by the authentication server,via the network, a picture taken by the associated camera of the mobiledevice in response to the picture request; analyzing, by theauthentication server, the picture to determine the probability that thepicture includes an image of at least a portion of the user, includingcomparing the picture to images of the user stored in an identificationdatabase; analyzing, by the authentication server, the picture todetermine the probability that the picture includes an image of at leasta portion of the location other than the device associated with thelocation, including comparing the picture to images of the locationstored in the identification database; and if the probability that thepicture includes an image of the user is above a user probabilitythreshold, and the probability that the picture includes an image of thelocation is above a location probability threshold, transmitting, by theauthentication server, via the network, an authentication approvalresponse to the device associated with the location.
 2. The method ofclaim 1, further comprising: comparing, by the authentication server,characteristics of the picture with information stored in theidentification database, the information being associated with themobile device, to determine the probability that the picture was takenby the mobile device associated with the user.
 3. The method of claim 2,wherein the characteristics of the picture compared with informationstored in the identification database include at least one of thefollowing: (a) pixel count; (b) resolution.
 4. The method of claim 1,wherein the picture request causes the mobile device to take the picturewithout additional commands from the user.
 5. The method of claim 1,wherein the step of analyzing the image to determine the probabilitythat the picture includes the user further comprises: comparing theangle at which the picture was taken, with the angle of images of theuser stored in an identification database.
 6. The method of claim 1,further comprising: automatically transmitting, from the mobile device,via the network, the images of the user to be stored in theidentification database.
 7. The method of claim 1, further comprising:storing, in the identification database, images from previous picturerequests associated with the user.
 8. The method of claim 7, furthercomprising: using the images from previous picture requests associatedwith the user to train the authentication server to determine theprobability that an image includes the user.
 9. The method of claim 1,further comprising: storing, in the identification database, images fromprevious picture requests associated with the location.
 10. The methodof claim 9, further comprising: using the pictures from previous picturerequests associated with the location to train the authentication serverto determine the probability that a picture includes an image of thelocation.
 11. The method of claim 1, wherein the step of analyzing thepicture to determine the probability that the picture includes an imageof at least a portion of the user is performed, and then the user'simage is removed from the picture, and the step of analyzing the pictureto determine the probability that the picture includes an image of atleast a portion of the location is performed.
 12. A system forauthenticating components of a transaction, comprising: anidentification database containing user identification informationincluding reference images of a user, information identifying a mobiledevice associated with the user, and location identification informationincluding reference images of a location; and an authentication server,in communication with the identification database, including anauthentication processor programmed to: receive an authenticationrequest from a device associated with the location, the authenticationrequest including information identifying the user participating in thetransaction, wherein the authentication request is responsive to theinitiation of the transaction between the mobile device and the deviceassociated with the location, wherein the mobile device is associatedwith a camera and is configured to communicate with the authenticationserver and the device associated with the location; transmit a picturerequest to the mobile device; receive a picture taken by the associatedcamera of the mobile device in response to the picture request; analyzethe picture to determine the probability that the picture includes animage of at least a portion of the user, including comparing the pictureto images of the user stored in the identification database; analyze thepicture to determine the probability that the picture includes an imageof at least a portion of the location other than the device associatedwith the location, including comparing the picture to images of thelocation stored in the identification database; and if the probabilitythat the picture includes an image of the user is above a userprobability threshold, and the probability that the image includes animage of the location is above a location probability threshold,transmitting an authentication approval response to the deviceassociated with the location.
 13. The system of claim 12, theauthentication server further programmed to: compare characteristics ofthe picture with information stored in the identification database, theinformation being associated with the mobile device, to determine theprobability that the picture was taken by the mobile device associatedwith the user.
 14. The system of claim 12, the authentication serverfurther programmed to: compare the angle at which the picture was takenwith the angle of images of the user stored in an identificationdatabase.
 15. The system of claim 12, the authentication server furtherprogrammed to: store, in the identification database, images from aprevious picture request associated with the user; and use the storedimages in later analysis to determine the probability that a later-takenimage includes the user.
 16. The system of claim 12, the authenticationserver further programmed to: store, in the identification database,images from a previous picture request associated with the location; anduse the stored images in later analysis to determine the probabilitythat a later-taken image includes the location.
 17. The system of claim12, the authentication server further programmed to: receive the resultsof a fingerprint identification taking place at the mobile device. 18.The system of claim 12, further comprising the device associated withthe location, wherein the device associated with the location isprogrammed to execute the transaction only if the authentication serverprovides an authentication approval response.
 19. The system of claim12, the authentication server further programmed to: transmit an alertto the user if the probability that the image incudes the user is belowthe user probability threshold; and transmit an alert to the location ifthe probability that the image incudes the location is below the userprobability threshold.
 20. A method for authenticating components of atransaction, comprising: receiving, by a mobile device associated with auser, via a network, a picture request from an authentication server;initiating a camera associated with the mobile device to take a picture,wherein the picture includes an image of at least a portion of the userand at least a portion of a real-time location of the user; andtransmitting, by the mobile device, via the network, the picture to theauthentication server.
 21. The method of claim 1, wherein the analyzingof the picture to determine the probability that the picture includes animage of at least a portion of the location is based on at least one of(i) a color of a wall, ceiling, or floor of the location, (ii) damagedportions of a wall, ceiling, or floor of the location, and (iii) a sizeratio of a visible structure within the location.